71.6.158.166 - IPInfo

Basic Info

City: San Diego

Region: California

Country: United States

Internet Service Provider: CARInet Inc.

Hostname: unknown

Organization: CariNet, Inc.

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
botsattack	hacking	2024-02-23 13:48:47
attack	connect from ninja.census.shodan.io[71.6.158.166] all over the postfix logs.	2020-10-06 04:51:09
attack	connect from ninja.census.shodan.io[71.6.158.166] all over the postfix logs.	2020-10-05 20:53:55
attackspambots	Automatic report - Banned IP Access	2020-10-05 12:42:50
attackbots	TCP (SYN) 71.6.158.166:20041 -> port 22, len 44	2020-09-23 00:01:51
attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 58 - port: 1599 proto: tcp cat: Misc Attackbytes: 60	2020-09-22 16:05:12
attack	Icarus honeypot on github	2020-09-22 08:08:23
attackspambots	" "	2020-08-23 20:46:15
attackspam	Telnet Server BruteForce Attack	2020-08-23 17:04:07
attackbotsspam	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 8069 [T]	2020-08-16 20:10:26
attackspambots	port	2020-08-14 18:34:00
attackspam	Scanned 1 times in the last 24 hours on port 21	2020-08-11 08:53:53
attackspambots	UDP 71.6.158.166:21934 -> port 47808, len 45	2020-08-03 21:43:41
attackspam	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 5007	2020-07-29 14:02:03
attackspam	Jul 21 17:49:44 debian-2gb-nbg1-2 kernel: \[17605118.331840\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=71.6.158.166 DST=195.201.40.59 LEN=44 TOS=0x10 PREC=0x00 TTL=110 ID=29494 PROTO=TCP SPT=19330 DPT=4242 WINDOW=39658 RES=0x00 SYN URGP=0	2020-07-22 00:13:18
attackbotsspam	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 2762	2020-07-21 14:13:59
attack	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 9000	2020-07-13 15:53:24
attackbots	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 902	2020-07-11 04:20:03
attackbots	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 9595	2020-07-07 03:15:20
attackspam	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 4443	2020-06-10 17:31:35
attack	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 2121	2020-06-08 17:56:15
attackbotsspam	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 8112 [T]	2020-06-07 22:13:41
attackbots	4840/tcp 2379/tcp 1521/tcp... [2020-03-31/06-01]324pkt,180pt.(tcp),22pt.(udp)	2020-06-01 17:32:28
attack	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 873	2020-06-01 00:15:44
attackbots	TCP (SYN) 71.6.158.166:29011 -> port 8090, len 44	2020-05-26 11:38:00
attackbots	Fail2Ban Ban Triggered	2020-05-11 06:53:44
attack	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 8500	2020-05-10 21:10:28
attackspam	Unauthorized connection attempt detected from IP address 71.6.158.166 to port 10250	2020-05-07 03:37:02
attack	[portscan] tcp/81 [alter-web/web-proxy] in blocklist.de:'listed [bruteforcelogin]' *(RWIN=38362)(04261133)	2020-04-26 18:52:16
attack	[Tue Apr 21 10:24:18 2020] - DDoS Attack From IP: 71.6.158.166 Port: 18020	2020-04-23 19:28:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 71.6.158.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12836
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;71.6.158.166.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032901 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Mar 30 10:36:05 +08 2019
;; MSG SIZE  rcvd: 116

Host info

166.158.6.71.in-addr.arpa domain name pointer ninja.census.shodan.io.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
166.158.6.71.in-addr.arpa	name = ninja.census.shodan.io.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.250.36.113	attackspam	Oct 16 16:48:50 dedicated sshd[27730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.250.36.113 user=root Oct 16 16:48:51 dedicated sshd[27730]: Failed password for root from 103.250.36.113 port 47905 ssh2	2019-10-16 23:32:41
14.63.174.149	attackspam	Oct 16 16:34:20 bouncer sshd\[24684\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.174.149 user=root Oct 16 16:34:22 bouncer sshd\[24684\]: Failed password for root from 14.63.174.149 port 55077 ssh2 Oct 16 16:38:51 bouncer sshd\[24694\]: Invalid user can from 14.63.174.149 port 46569 Oct 16 16:38:51 bouncer sshd\[24694\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.174.149 ...	2019-10-16 23:34:51
89.248.167.131	attack	" "	2019-10-16 23:33:31
184.22.210.65	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-16 23:30:46
46.101.73.64	attackbots	2019-10-16T15:14:32.096604abusebot-3.cloudsearch.cf sshd\[30716\]: Invalid user norma from 46.101.73.64 port 49012	2019-10-16 23:31:17
201.22.59.4	attackbots	Automatic report - Port Scan Attack	2019-10-16 23:31:33
60.255.144.162	attackspam	firewall-block, port(s): 1433/tcp	2019-10-16 23:21:44
194.228.3.191	attack	Oct 16 13:59:16 hcbbdb sshd\[7136\]: Invalid user z from 194.228.3.191 Oct 16 13:59:16 hcbbdb sshd\[7136\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.228.3.191 Oct 16 13:59:18 hcbbdb sshd\[7136\]: Failed password for invalid user z from 194.228.3.191 port 52363 ssh2 Oct 16 14:03:31 hcbbdb sshd\[7568\]: Invalid user nera from 194.228.3.191 Oct 16 14:03:31 hcbbdb sshd\[7568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.228.3.191	2019-10-16 23:54:33
162.158.111.134	attackbots	162.158.111.134 - - [16/Oct/2019:13:19:49 +0200] "GET /wp-login.php HTTP/1.1" 404 13101 ...	2019-10-16 23:36:20
45.136.109.239	attack	Oct 16 16:43:09 mc1 kernel: \[2523359.945556\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.239 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=4523 PROTO=TCP SPT=46285 DPT=101 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 16 16:43:28 mc1 kernel: \[2523378.872041\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.239 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=1492 PROTO=TCP SPT=46285 DPT=19691 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 16 16:52:40 mc1 kernel: \[2523930.792355\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.239 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=30303 PROTO=TCP SPT=46285 DPT=3500 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-16 23:25:24
153.254.113.26	attackbots	Oct 16 16:21:28 lnxweb62 sshd[11668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.254.113.26	2019-10-16 23:29:15
139.155.33.169	attackspambots	Oct 16 13:41:51 master sshd[6816]: Failed password for root from 139.155.33.169 port 53118 ssh2 Oct 16 14:14:52 master sshd[7167]: Failed password for root from 139.155.33.169 port 50174 ssh2 Oct 16 14:20:03 master sshd[7217]: Failed password for root from 139.155.33.169 port 58056 ssh2	2019-10-16 23:15:37
149.202.146.225	attack	8 probes eg: /license	2019-10-16 23:23:12
13.112.223.232	attack	BUREAU D'ENREGISTREMENT via r07w7---40---us-west-2.compute.amazonaws.com Date: 16 oct. 2019 13:16 𝓕𝓮́𝓵𝓲𝓬𝓲𝓽𝓪𝓽𝓲𝓸𝓷𝓼, 𝓿𝓸𝓾𝓼 𝓪𝓿𝓮𝔃 𝓮́𝓽𝓮́ 𝓼𝓮́𝓵𝓮𝓬𝓽𝓲𝓸𝓷𝓷𝓮́ r07w7---40---us-west-2.compute.amazonaws.com	2019-10-16 23:11:51
171.244.140.174	attack	2019-10-16T15:27:12.459258abusebot-5.cloudsearch.cf sshd\[23670\]: Invalid user cnm from 171.244.140.174 port 35138	2019-10-16 23:35:48

Recently Reported IPs

186.31.37.205	190.74.191.28	218.92.1.130	196.223.152.58
5.188.45.22	162.243.144.247	46.4.49.150	103.26.57.255
223.223.186.98	198.0.6.214	189.236.86.118	185.211.245.157
162.243.146.37	35.240.227.214	219.90.67.238	189.86.225.54
200.143.112.126	54.37.138.172	206.189.175.19	89.223.22.64